As of Struts version 2.0.9 the JSTL/JSP expression language (EL) has been disabled for Struts tag attributes which evaluate OGNL. This is a precaution against security vulnerabilities that can result from the double-evaluation that occurs when an attribute is first processed as a JSTL/JSP EL expression and then the result is processed as an OGNL expression. The solution is to express all dynamic attribute values in Struts tags using OGNL expressions directly.